Comments on: More on Security Announcements /articles/more-on-security-announcements/ Software Engineer and Consultant Sat, 29 Oct 2016 01:51:02 +0000 hourly 1 By: Basic Thinking Blog » Wordpress: Ganz schlechtes Releasemanagement /articles/more-on-security-announcements/comment-page-1/#comment-77 Sun, 21 Aug 2005 16:00:23 +0000 http://blog.blackdown.de/2005/08/15/more-on-security-announcements/#comment-77 […] Juergen looks at it as mine: I expect to get information about security issues from a central, easy-findable place from any project or product that has public exposure and more than a handful of users. (Yes, I expect that from open source projects too. Look around the net to see how good others handle it.) Expecting your users to gather information about a problem from forums, blogs, foreign sites, or the source code is simply unprofessional. […]

]]> By: Jon Dowland /articles/more-on-security-announcements/comment-page-1/#comment-75 Wed, 17 Aug 2005 16:26:01 +0000 http://blog.blackdown.de/2005/08/15/more-on-security-announcements/#comment-75 Agreed, utterly. A good start would be to use the announce list, so you didn’t have to rely on randomly stumbling across the page to learn you’re vulnerable to 10s of security holes.

But once that hurdle is passed, I hope that one-day we’ll get point releases with *just* the security problem solved. That’d make distributing WP with things like Debian GNU/Linux feasible.

]]>